package seismosurfer.servlets.security;

import java.io.IOException;
import java.security.Principal;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.securityfilter.authenticator.FormAuthenticator;
import org.securityfilter.authenticator.persistent.DefaultPersistentLoginManager;
import org.securityfilter.filter.SecurityFilter;
import org.securityfilter.filter.SecurityRequestWrapper;

import seismosurfer.data.UserData;
import seismosurfer.domain.SimplePrincipal;
import seismosurfer.servlets.util.ServletUtil;

import com.bbn.openmap.util.Debug;

/**
 * This filter is used to authenticate a user
 * as soon as she tries to access the
 * Seismo-Surfer web site.
 * This is done in order to associate her
 * with a role.
 *
 */
public class LoginFilter extends SecurityFilter {

    private static final String DEBUG = "LoginFilter";

    protected static final String GUEST_USERNAME = "guest";

    protected static final String GUEST_PASSWORD = "guest";

    protected static final String LOGOUT_PATH = "/logout.jsp";

    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain filterChain) throws ServletException, IOException {

        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        if (processRequest(req)) {

            Principal p = realm.authenticate(GUEST_USERNAME, GUEST_PASSWORD);

            if (Debug.debugging(DEBUG)) {
                Debug.output("Guest User:"
                        + ((SimplePrincipal) p).getUser().toString());
            }

            req.getSession().setAttribute(
                    SecurityRequestWrapper.PRINCIPAL_SESSION_KEY, p);
        }

        UserData u = ((SimplePrincipal) req.getUserPrincipal()).getUser();

        req.getSession().setAttribute(UserData.USER, u);

        filterChain.doFilter(req, res);

    }

    private boolean processRequest(HttpServletRequest req) {

        String path = req.getRequestURI();
        if (path.indexOf(LOGOUT_PATH) != -1) {
            return true;
        }

        Principal p = req.getUserPrincipal();

        if (p != null) {
            Debug.output("Principal at login filter:" + p.getName());
            return false;
        }

        boolean isLoginSubmit = req.getRequestURL().toString().endsWith(
                FormAuthenticator.DEFAULT_LOGIN_SUBMIT_PATTERN);

        if (isLoginSubmit) {
            return false;
        }

        Cookie cookie = ServletUtil.getCookie(req.getCookies(),
                SeismoPersistentLoginmanager.COOKIE_REMEMBERME);

        if (cookie != null) {
            return false;
        }

        return true;
    }

    private class SeismoPersistentLoginmanager extends
            DefaultPersistentLoginManager {
        
        private static final long serialVersionUID = -6461035330388502194L;

        protected static final String COOKIE_REMEMBERME = DefaultPersistentLoginManager.COOKIE_REMEMBERME;
    }
}
